I was excited back in 2010 when HHS started posting breaches on what some would call the “wall of shame.” I knew that we’d only learn about breaches involving HIPAA-covered entities, but at least we were finally starting to get some actual data. Now, more than 6 years later, it’s become clear to me that it’s probably best to just call time of death…
Category: Subcontractor
TN: Williamson County Schools warns parents of security breach in student/teacher software
A follow-up on a breach previously noted on this site. I imagine we’ll see a number of these from school districts in the weeks and months to come. Williamson County Schools sent a message to parents Friday warning about a security breach of it’s (sic) Edmodo system putting student and parent information at risk. The…
“Shoot the messenger:” NYC hospital and vendor threaten DataBreaches.net for reporting on their security failure
Vendor’s mistake potentially exposed “millions” of Bronx-Lebanon Hospital patients’ information; Hospital and vendor try to claim that iHealth Solutions was “hacked” by security researchers who uncovered the security problem; Hospital and vendor issue series of demands, threaten DataBreaches.net for reporting on incident; On May 3, Kromtech Security’s research team, conducting routine research, found that confidential and sensitive patient…
Former Government Contractor Pleads Guilty To ID Theft Scheme
A former government contractor pleaded guilty Friday to stealing the identities of numerous co-workers to make purchases at online retailers such as Amazon, Express, and Victoria’s Secret. According to the statement of facts filed with the plea agreement, Lakeisha Bradshaw, 28, of Temple Hills, Maryland, was a government contractor employed by Veteran Solutions, Inc., and was…
UPDATE: iHealth Innovations responds to Bronx-Lebanon Hospital data security concern
Yesterday, DataBreaches.net reported on a misconfigured rsync backup that had been detected by Kromtech Security. The security firm had contacted DataBreaches.net for notification assistance on May 3 after unsuccessfully trying to notify iHealth Innovations that patient data from Bronx-Lebanon Hospital Center could be accessed and downloaded without any login required. One week later, we still do…
Guardian Soulmates website suffers data breach
Zack Marzouk reports: Those looking for love on Guardian Soulmates have instead found explicit emails in their inboxes following a data breach. Guardian News & Media, parent company of the dating site, ruled out any outside hack, instead blaming it on human error by one of its third party technology providers. A spokesperson said: “We…